Virtually half of Gen Z (48%) has a facet hustle, the best proportion of every other technology. This will likely go away them at increased threat of cyberattacks.
Analysis from Kaspersky reveals how professionals engaged in a number of jobs could be a handy goal for malicious actors, with the predominant situation being the big selection of company apps that Gen Z employees should use — the extra apps employees use, the extra potential publicity factors for risk actors to take advantage of.
From H2 2024 to H1 2025, the analysis recognized greater than 6 million assaults mimicking platforms or content material related to 20 generally used work instruments. The platforms most frequently impersonated had been Zoom, Microsoft Excel and Outlook.
If firms set up BYOD insurance policies, the dangers enhance, because the potential exposure points for customers embrace skilled apps in addition to private ones.
Under, safety leaders talk about these findings.
Safety Leaders Weigh In
David Matalon, CEO at Venn:
Individuals usually assume older generations are probably the most weak on-line, nevertheless, Gen Z is going through a distinct type of cybersecurity risk. Not as a result of they’re much less tech-savvy, however as a result of they’re extra digitally uncovered. They’re juggling a number of gigs, usually working remotely, and doing all of it from private gadgets. That life-style creates an enormous assault floor.
Not like earlier generations who principally used company-issued gadgets on company networks, Gen Z is working from espresso outlets, managing freelance purchasers on WhatsApp, and clicking into tens of various apps a day — all from the identical laptop computer they use for YouTube and on-line buying. That mixing of private and work life is the place the actual threat is available in. One phishing electronic mail or pretend software program replace doesn’t simply put them in danger; it might probably expose their employer, too.
The problem isn’t about locking individuals down. It’s about enabling distant employees, particularly distant and hybrid-working Gen Z professionals, to make use of their very own gadgets securely, with out turning them right into a legal responsibility for each firm they work for. That’s the place conventional approaches like VPNs or transport company laptops fall quick. Gen Z wants safety that works the best way they do — versatile, distant, and fast-moving.
Anne Cutler, Cybersecurity Evangelist at Keeper Safety:
The idea that older generations are extra weak to cyber threats isn’t all the time correct. Gen Z is often extremely fluent in digital instruments, however that fluency can result in riskier behaviors — like sooner click on habits, password reuse and utilizing private gadgets for skilled work.
Gen Z’ers had been virtually born with iPads of their palms and an inherent belief that in style platforms and gadgets are secure, whereas older generations have extra skepticism towards know-how. Attackers know this and are tailoring phishing campaigns to imitate platforms that youthful workers use on daily basis, together with group collaboration instruments like Zoom and Outlook. And while you’re working throughout a number of roles or facet gigs, managing dozens of accounts with no safe system in place, a single compromised private or work credential can create a harmful chain response.
It’s crucial that every one generations use a safe password administration device to generate robust, distinctive passwords for each account – each of their skilled and private lives. That means, even when one platform is compromised, the remaining keep protected, and also you don’t have to recollect dozens of logins.
The sooner we begin cybersecurity training, the higher — however it must be partaking, age-appropriate and actionable. Lately, Keeper launched Flex Your Cyber, a public service initiative targeted on empowering college students, dad and mom, lecturers and directors to construct robust cybersecurity habits from an early age. With assist from the Nationwide Cybersecurity Alliance, CYBER.org, KnowBe4 and Atlassian Williams Racing, this system delivers enjoyable, interactive sources — like video games, movies and lesson plans — that assist households and colleges construct a basis of cyber consciousness.
The fact is that password reuse, weak credentials and phishing threats don’t wait till maturity to current a severe threat. Flex Your Cyber helps shut the training hole and makes digital safety and security a part of on a regular basis studying.
Chad Cragle, Chief Data Safety Officer at Deepwatch:
Whereas it’s usually assumed that older generations are extra weak to cyber threats, that view overlooks the distinctive dangers going through Gen Z. Sure, older customers could also be much less acquainted with evolving digital instruments. Nonetheless, additionally they are inclined to strategy unfamiliar know-how with extra warning. Gen Z, against this, grew up in a completely related world and is very comfy with know-how, however that consolation doesn’t all the time translate to cyber-savviness. Their behaviors usually put them at higher threat. They’re particularly vulnerable to extremely focused social engineering assaults that mimic their on a regular basis instruments and workflows. Between mid-2024 and mid-2025, over six million assaults involving pretend variations of in style collaboration platforms, together with Zoom, Outlook, and Excel, had been noticed. These aren’t simply generic phishing emails; they’re designed to appear like actual challenge assignments, assembly invitations, or requests from managers.
What units Gen Z aside is how briskly they transfer and the way a lot they juggle. They regularly change between a number of jobs or facet gigs, utilizing a mixture of private {and professional} apps, and infrequently work from unsecured gadgets or networks. These behaviors pose vital dangers to employers, together with shadow IT, unsecured endpoints, residual entry from earlier roles, and publicity to third-party subcontractors. Their behavior of putting in unvetted software program to resolve instant issues with out involving IT or safety introduces gaps which are powerful to observe or repair later.
To succeed in Gen Z, we have to change our strategy to training. Conventional coaching modules and prolonged insurance policies gained’t resonate with them. As an alternative, cybersecurity consciousness ought to be launched early, in highschool, bolstered in school, and stay related within the office. This implies quick, sensible coaching situations that mirror their experiences and priorities. Present them what occurs in the event that they click on, how a rip-off can result in misplaced revenue or status, and why defending their freelance portfolio is simply as essential as safeguarding firm information. For this technology, cybersecurity is greater than a company concern; it’s cultural and private, requiring training that’s as dynamic as their digital lives.
